CVE-2006-0428 : Unspecified vulnerability in BEA WebLogic Portal 8.1 SP3 through SP5, when using Web Services Remote Portlets (WSRP), al

Unspecified vulnerability in BEA WebLogic Portal 8.1 SP3 through SP5, when using Web Services Remote Portlets (WSRP), allows remote attackers to access restricted web resources via crafted URLs.

Published 2006-01-25 23:07:00

Updated 2018-10-30 16:25:29

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2006-0428

Probability of exploitation activity in the next 30 days: 2.74%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 89 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2006-0428

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2006-0428

Products affected by CVE-2006-0428

Oracle » Weblogic Portal » Version: 8.1 Update SP3
cpe:2.3:a:oracle:weblogic_portal:8.1:sp3:*:*:*:*:*:*
Matching versions
Oracle » Weblogic Portal » Version: 8.1 Update SP4
cpe:2.3:a:oracle:weblogic_portal:8.1:sp4:*:*:*:*:*:*
Matching versions
Oracle » Weblogic Portal » Version: 8.1 Update SP5
cpe:2.3:a:oracle:weblogic_portal:8.1:sp5:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2006-0428

Exploit prediction scoring system (EPSS) score for CVE-2006-0428

CVSS scores for CVE-2006-0428

References for CVE-2006-0428

Products affected by CVE-2006-0428